Skip to content

Commit

Permalink
[DATALAD RUNCMD] run codespell throughout fixing typos automagically
Browse files Browse the repository at this point in the history
=== Do not change lines below ===
{
 "chain": [],
 "cmd": "codespell -w",
 "exit": 0,
 "extra_inputs": [],
 "inputs": [],
 "outputs": [],
 "pwd": "."
}
^^^ Do not change lines above ^^^
  • Loading branch information
yarikoptic committed Feb 28, 2024
1 parent 5675ac2 commit d77c471
Show file tree
Hide file tree
Showing 10 changed files with 18 additions and 18 deletions.
8 changes: 4 additions & 4 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
* #1311 Add option to disable client_secret hashing to allow verifying JWTs' signatures.
* #1337 Gracefully handle expired or deleted refresh tokens, in `validate_user`.
* #1350 Support Python 3.12 and Django 5.0
* #1249 Add code_challenge_methods_supported property to auto discovery informations, per [RFC 8414 section 2](https://www.rfc-editor.org/rfc/rfc8414.html#page-7)
* #1249 Add code_challenge_methods_supported property to auto discovery information, per [RFC 8414 section 2](https://www.rfc-editor.org/rfc/rfc8414.html#page-7)


### Fixed
Expand Down Expand Up @@ -137,7 +137,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th

### Added
* #969 Add batching of expired token deletions in `cleartokens` management command and `models.clear_expired()`
to improve performance for removal of large numers of expired tokens. Configure with
to improve performance for removal of large numbers of expired tokens. Configure with
[`CLEAR_EXPIRED_TOKENS_BATCH_SIZE`](https://django-oauth-toolkit.readthedocs.io/en/latest/settings.html#clear-expired-tokens-batch-size) and
[`CLEAR_EXPIRED_TOKENS_BATCH_INTERVAL`](https://django-oauth-toolkit.readthedocs.io/en/latest/settings.html#clear-expired-tokens-batch-interval).
* #1070 Add a Celery task for clearing expired tokens, e.g. to be scheduled as a [periodic task](https://docs.celeryproject.org/en/stable/userguide/periodic-tasks.html).
Expand Down Expand Up @@ -222,7 +222,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th

### Added
* #917 Documentation improvement for Access Token expiration.
* #916 (for DOT contributors) Added `tox -e livedocs` which launches a local web server on `locahost:8000`
* #916 (for DOT contributors) Added `tox -e livedocs` which launches a local web server on `localhost:8000`
to display Sphinx documentation with live updates as you edit.
* #891 (for DOT contributors) Added [details](https://django-oauth-toolkit.readthedocs.io/en/latest/contributing.html)
on how best to contribute to this project.
Expand Down Expand Up @@ -427,7 +427,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th
* #185: fixed vulnerabilities on Basic authentication
* #173: ProtectResourceMixin now allows OPTIONS requests
* Fixed `client_id` and `client_secret` characters set
* #169: hide sensitive informations in error emails
* #169: hide sensitive information in error emails
* #161: extend search to all token types when revoking a token
* #160: return empty response on successful token revocation
* #157: skip authorization form with ``skip_authorization_completely`` class field
Expand Down
2 changes: 1 addition & 1 deletion docs/getting_started.rst
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ Configure ``users.User`` to be the model used for the ``auth`` application by ad
AUTH_USER_MODEL = 'users.User'
Create inital migration for ``users`` application ``User`` model::
Create initial migration for ``users`` application ``User`` model::

python manage.py makemigrations

Expand Down
4 changes: 2 additions & 2 deletions docs/oidc.rst
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ that must be provided. ``django-oauth-toolkit`` supports two different
algorithms for signing JWT tokens, ``RS256``, which uses asymmetric RSA keys (a
public key and a private key), and ``HS256``, which uses a symmetric key.

It is preferrable to use ``RS256``, because this produces a token that can be
It is preferable to use ``RS256``, because this produces a token that can be
verified by anyone using the public key (which is made available and
discoverable by OIDC service auto-discovery, included with
``django-oauth-toolkit``). ``HS256`` on the other hand uses the
Expand Down Expand Up @@ -372,7 +372,7 @@ for a POST request.

Again, to modify the content delivered, we need to add a function to our
custom validator. The default implementation adds the claims from the ID
token, so you will probably want to re-use that::
token, so you will probably want to reuse that::

class CustomOAuth2Validator(OAuth2Validator):

Expand Down
2 changes: 1 addition & 1 deletion docs/tutorial/tutorial_01.rst
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ Let's register your application.

You need to be logged in before registration. So, go to http://localhost:8000/admin and log in. After that
point your browser to http://localhost:8000/o/applications/ and add an Application instance.
`Client id` and `Client Secret` are automatically generated; you have to provide the rest of the informations:
`Client id` and `Client Secret` are automatically generated; you have to provide the rest of the information:

* `User`: the owner of the Application (e.g. a developer, or the currently logged in user.)

Expand Down
2 changes: 1 addition & 1 deletion docs/tutorial/tutorial_04.rst
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ obtained in :doc:`part 1 <tutorial_01>`. If your application type is `Confidenti
token=XXXX&client_id=XXXX&client_secret=XXXX


The server will respond wih a ``200`` status code on successful revocation. You can use ``curl`` to make a revoke request on your server. If you have access to a local installation of your authorization server, you can test revoking a token with a request like that shown below, for a `Confidential` client.
The server will respond with a ``200`` status code on successful revocation. You can use ``curl`` to make a revoke request on your server. If you have access to a local installation of your authorization server, you can test revoking a token with a request like that shown below, for a `Confidential` client.

::

Expand Down
2 changes: 1 addition & 1 deletion oauth2_provider/contrib/rest_framework/permissions.py
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ class IsAuthenticatedOrTokenHasScope(BasePermission):
This only returns True if the user is authenticated, but not using a token
or using a token, and the token has the correct scope.
This is usefull when combined with the DjangoModelPermissions to allow people browse
This is useful when combined with the DjangoModelPermissions to allow people browse
the browsable api's if they log in using the a non token bassed middleware,
and let them access the api's using a rest client with a token
"""
Expand Down
8 changes: 4 additions & 4 deletions oauth2_provider/oauth2_validators.py
Original file line number Diff line number Diff line change
Expand Up @@ -103,10 +103,10 @@ def _extract_basic_auth(self, request):
if not auth:
return None

splitted = auth.split(" ", 1)
if len(splitted) != 2:
split = auth.split(" ", 1)
if len(split) != 2:
return None
auth_type, auth_string = splitted
auth_type, auth_string = split

if auth_type != "Basic":
return None
Expand Down Expand Up @@ -922,7 +922,7 @@ def _get_client_by_audience(self, audience):
return Application.objects.filter(client_id__in=audience).first()

def validate_user_match(self, id_token_hint, scopes, claims, request):
# TODO: Fix to validate when necessary acording
# TODO: Fix to validate when necessary according
# https://github.com/idan/oauthlib/blob/master/oauthlib/oauth2/rfc6749/request_validator.py#L556
# http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest id_token_hint section
return True
Expand Down
4 changes: 2 additions & 2 deletions oauth2_provider/views/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -77,10 +77,10 @@ class AuthorizationView(BaseAuthorizationView, FormView):
* then receive a ``POST`` request possibly after user authorized the access
Some informations contained in the ``GET`` request and needed to create a Grant token during
Some information contained in the ``GET`` request and needed to create a Grant token during
the ``POST`` request would be lost between the two steps above, so they are temporarily stored in
hidden fields on the form.
A possible alternative could be keeping such informations in the session.
A possible alternative could be keeping such information in the session.
The endpoint is used in the following flows:
* Authorization code
Expand Down
2 changes: 1 addition & 1 deletion tests/app/idp/idp/oauth.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from oauth2_provider.oauth2_validators import OAuth2Validator


# get_response is required for middlware, it doesn't need to do anything
# get_response is required for middleware, it doesn't need to do anything
# the way we're using it, so we just use a lambda that returns None
def get_response():
None
Expand Down
2 changes: 1 addition & 1 deletion tests/test_implicit.py
Original file line number Diff line number Diff line change
Expand Up @@ -361,7 +361,7 @@ def test_id_token_skip_authorization_completely_missing_nonce(self):
response = self.client.get(reverse("oauth2_provider:authorize"), data=query_data)
self.assertEqual(response.status_code, 302)
self.assertIn("error=invalid_request", response["Location"])
self.assertIn("error_description=Request+is+missing+mandatory+nonce+paramete", response["Location"])
self.assertIn("error_description=Request+is+missing+mandatory+nonce+parameter", response["Location"])

def test_id_token_post_auth_deny(self):
"""
Expand Down

0 comments on commit d77c471

Please sign in to comment.